Hi,
on my SEPM 14 i have a notification where it says "Download protection content failures". Also on windows definitions Latest from symantec and Latest on manager is not the same date. How can i fix this issue ?
I have problem with our throughput between 2 PCs connected to the same switch with 1Gbs interfaces. When I start streaming data between them I got just an half of the transmit speed with SEP, however when I disable SEP the transmition goes almost with full speed... Any solution???
SEP on - caption
SEP off - caption
Thanks, Ondrej
Hi all,
I have SEP 14 build 3872 and I'm trying to upgrade to 3929 but in the download zip, there is no build 3872 upgrade. The closest is 3876. Link: http://www.symantec.com/docs/INFO4993
I tried clicking on the executables but none will install presumably due to the build number not matching the upgrade patch.
Your help is appreciated! Thanks.
Dear All,
Pls help !!!!
Normal, SEP client connect to LUA then get update package.
When i upgrade SEP CLient to version 14.0.1 MP2 then SEP can connect to LUA but LUA show no any update package.
About LUA, I already choose all production unclude 14.x version.
Pls help check.
Thank so much.
We were promised SEP 14.1 was coming out in May and no word of it. It has several fixes we need.
Is there an approximate date.
Thanks
I am trying to implement file scanner usinf doscan.exe in C#. below is my sample code
string symantecFilePath = "C:\\Program Files (x86)\\Symantec\\Symantec Endpoint Protection\\12.1.7061.6600.105\\Bin\\Doscan.exe";
string targetPath = "C:\Temp\UploadDocs\test.docx";
using (Process process = new Process())
{
process.StartInfo = new ProcessStartInfo(symantecFilePath, "/ScanFile " + targetPath);
process.StartInfo.WindowStyle = ProcessWindowStyle.Normal;
process.StartInfo.WorkingDirectory = Path.GetDirectoryName(symantecFilePath);
var result = process.Start();
process.WaitForExit();
}
Code executes with no errors. But I dont see anything in error logs.
Does anybody knows what is happening here.
Good day dears,
I've setup sepm v14 according to this article Using Application and Device Control in Symantec Endpoint Protection (SEP) to block activity in common loading points for threats - https://support.symantec.com/en_US/article.TECH967... and receive logs regarding the policy.
But there is no parameter in the logs. Accordint to mentioned article:
"Parameter: What was the process trying to touch? "
How can I get this "parameter" shown in logs?
Thank you in advance.
Hello everyone,
First, I want to say that I have a case open with Symantec already for this but they can't find a resolution. I can't believe we are the only organization having this issue.
On May 1st 2018 I upgraded my SEP 14 from 14.0 to 14.0.1.2 with the assistance of Symantec. Before upgrading to the newest version, I had no issues. We made esure we did a backup of everything before starting. Now that we are on on 14.0.1.2 everything is fine, except that I cannot create client upgrade packages. Which may not sound like a big deal but it is since the only way I can do any client upgrades, as new packages come out, is to uninstall SEP from the clients and install the newest version.....not feasible at all. It has been over a month since opening a case with Symantec but they cannot find a resolution. Has anyone else seen this issue recently?
When I try to create an upgrade package I get the attached error
Hello everybody,
I have a SEPM console with 800+ endpoints.
Something happened on monday (4th of June) and all the endpoints are now offline with this message (error in heartbeat response (4) ).
I have verified some endpoints and they have definitions from yesterday (5th of June) so it's a little bit confusing because on the Endpoint (Help/Troubleshooting/Connection Status) appears Status: Not Connected (to
SEPM Console).
In Symantec Endpoint Protection/View Logs/Client Management/System Log there are some logs like:
-Failed to contact server for more than 10 times.
-Connected to Symantec Endpoint Protection Manager. (repeating)
-Disconnected from Symantec Endpoint Protection Manager. (repeating)
I have imported the Sylink.xml file but the problem persists. I used also SymDiag (attached). I have modified DNS addresses still nothing changed.
I have added the hostname's server in "hosts" but nothing changed. For the moment i can't uninstall any endpoints because i need a maintenance window for restarting the server.
Thank you!
When Integrating Symantec Endpoint Protection Manager 14.x with MS SQL server 2016 database on Windows server 2016 datacenter edition OS, the integration fails with Error 11501.
Windows Event viewer system logs error reads "An TLS 1.2 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The TLS connection request has failed." - Source- Schannel
Few facts:
1. TLS 1.2 is enabled through registry settings on Windows server 2016. TLS 1.0 and TLS 1.1 are not enabled for client/server options, both were disabled in the registry.
2. SQL server 2016 supports TLS1.2 by default. Microsoft lacks proper documentation on SQL Server 2016 TLS 1.2 specific settings. The Microsoft documentation is more specific and relevant for SQL 2014 and below.
3. Since the MS SQL 2016 and SEPM was on the same server ( though not the symantec best practice), the error on event viewer was TLS 1.2 cipher suites incompatibility issue.
4. On the Windows server 2016 datacenter edition only AES 256 bit cipher was allowed. Refer attached snapshot
5. Tried enabling "Force encryption" on SQL server configuration manager, with new certificate but did not work.
Error log in SEP manager tomcat/logs/ suggest the SSL handshake could not be established.
Upon further troubleshooting through IIS Crypto tool (Nartac Software), it appeared that customer had disabled PKCS key exchange, and only ECDH was allowed. Upon enabling PKCS the integration between SQL server 2016 and SEP Manager worked successfully.
Hi,
Looks like SEP 14 RU1 has some issues with SRTSP64.SYS causing a critical lock on the system and server becomes non-esponsive. Unable to RDP, remote PS etc. Only hard reset comes to rescue. Does anyone face similar issues?
Critical Section: services!ScServiceStartCriticalSection Owning Thread ID: 0x15b4
Hi everyone,
I have computer A and file text.txt I Create a policy to allow view file text.txt but terminate process if user try to write to this file. I share the folder cntain this file. The computer work fine with all computer has SEP Client Install. But computer without SEP Client, they have full permission on this file. They can read, write, move, delete ... How can i block all permission but read of file text.txt for those computer that don't have SEP client install using SEP, not File permission of Windows ??
Dear All,
I have tried to uninstall Symantec client through below Command and it is working fine. But the device getting restart without prompting restart to the user.
msiexec /X { product uninstall key} /passive
So it should not be restart the device. Kindly suggest.
ABUL-Symantec Engineer
✆ 80 95 76 79 06
bonjour;
j'ai un serveur SEPM 14MP1 ; j'ai voulu modifier l'installation des clients via la console ( j'ai créer un nouveau Feature set et j'ai modifier package pour chaque groupe)
la modification n'a pas marché les clients restent toujours avec l'ancienne installation même si je redémarre la machine
comment je peux vérifier ou est le problème ; et est ce qu'il y a une solution
Hi All,
We have a file which is getting blocked when downloaded from our portal in zip format and then getting run it gets blocked due to WS reputation 1
Any one any idea on this ?
We are on 14.0.1 RU1 MP1
Regards
Vivek P
Hi,
I have a Symantec Endpoint server installed with Symantec Endpoint Manager Version 14. There is a hardening requirement to configure my Computer Browser service to "Disable" for the server itself as well as all the member servers and client machines connected to it. Will there be any issues? Am I still able to push down my anti-virus definition files, updates as well as the installation package if there is a need to re-install Symantec Endpoint protection?
Cheers
Suan Leng
We have several old versions of Symantec AV deployed with two different operative SEP Manager: versions 12.1 and 14. We know that the SEPM v14 supports 14 and 12.1 agents . Which are the agent versions manageable officially by the SEPM v12.1? I cannot find any explicit documentation on it. I would know if SEP agent 11.x (or older 10.x) can be managed and kept updated using the 12.1 console.
Hi,
one of our customers complained about the Browser Intrusion Prevention. As soon as it's activated, it takes 1-3 minutes to open a PDF file (33mb) from the internal sharepoint server. Once they disable IPS, the file opens within a couple of seconds. We already tried to exclude the host but according to the customer it didn't help...
Clients are running on 14 RU1 MP1b with Windows 10 and IE 11.
Any advice? Thanks in advance!
I was able to import the 3 deception policys. I could not find any documention on what to do next. LOL
I have installed the manager for endpoint, seems to have not issues. But when I push the client out to the other systems on the network, network drives and other computers that can be seen on the network disappear. Also, I have SEPM 14 on one LAN, and it will not show the win 7 enterprise and pro system, but will show win 10 system with out an issues. Only way to update definitions is to go through the process of adding a client again for the win 7 OS system. Are there any fixes or workarounds found that may resolve these issues?